Vulnerabilities > Linuxfoundation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-24 | CVE-2020-11093 | Improper Verification of Cryptographic Signature vulnerability in Linuxfoundation Indy-Node Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. | 5.0 |
2020-12-16 | CVE-2020-26273 | Command Injection vulnerability in Linuxfoundation Osquery osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. | 3.6 |
2020-12-11 | CVE-2020-9301 | Deserialization of Untrusted Data vulnerability in Linuxfoundation Spinnaker Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5. | 6.5 |
2020-12-01 | CVE-2020-15257 | Incorrect Resource Transfer Between Spheres vulnerability in multiple products containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. | 5.2 |
2020-11-06 | CVE-2020-26892 | Use of Hard-coded Credentials vulnerability in multiple products The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. | 9.8 |
2020-11-06 | CVE-2020-26521 | NULL Pointer Dereference vulnerability in multiple products The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). | 7.5 |
2020-10-16 | CVE-2020-15157 | Insufficiently Protected Credentials vulnerability in multiple products In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. | 2.6 |
2020-09-30 | CVE-2020-26149 | Insufficiently Protected Credentials vulnerability in Linuxfoundation Nats.Deno and Nats.Js NATS nats.js before 2.0.0-209, nats.ws before 1.0.0-111, and nats.deno before 1.0.0-9 allow credential disclosure from a client to a server. | 5.0 |
2020-09-30 | CVE-2020-13794 | Information Exposure vulnerability in Linuxfoundation Harbor Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor. | 4.0 |
2020-09-09 | CVE-2020-15163 | Insufficient Verification of Data Authenticity vulnerability in Linuxfoundation the Update Framework Python TUF (The Update Framework) reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time. | 4.9 |